Htaccess configuration with password (htpasswd)

Hi there,
I’m trying to add a very basic authentication for my website as it is still under development.

I’ve added this lines (according to this article):

# Kirby .htaccess
AuthType Basic
AuthName "Password Protected Area"
AuthUserFile /.htpasswds/mypasswd
Require valid-user
then the standard Kirby htaccess with RewriteBase /

But I get a 500 internal server. My doubt is that the folder where the Apache configuration is looking for a passwd file is outside the Kirby folder (for security reasons):

├── /
    ├── ./.htpasswds/mypasswd
    ├── public_html/
                   ├── kirbycms
                       ├── .htaccess

I tried to move the file inside the folder, outside, rename etc but nothing happens.
Do you have any suggestions?

I think you need the absolute path to the file like so:

Authtype Basic
AuthName "Put whatever you want here"
AuthUserFile /var/www/vhosts/<hostname>/httpdocs/<path to your passwd file>
Require valid-user

I followed the tutorial on my webhost (bluehost) and it works :blush:

For further reference:

  • as you suggested, the path is related to the host, and for bluehost is something like AuthUserFile /home/username/.htpasswds
  • I genereted the password with this tool instead of the one I found on the article I mentioned in my first post.